Wireless hack ‘can unlock 100m Volkswagens’

Security researchers claim to have uncovered a vulnerability in the locking systems of Volkswagen cars that could leave up to 100 million vehicles exposed to break-ins.

The computer scientists from the University of Birmingham say that a flaw in the German firm’s remote locking systems allows hackers to wirelessly unlock the doors and could affect practically every VW sold since 1995.

According to Wired Flavio Garcia and his team will, along with engineering firm Kasper & Oswald, reveal two vulnerabilities in remote locking systems to the Usenix security conference. They will show how the VW flaw affects up to 100m vehicles and how a second hack could leave millions of cars from other manufacturers, including Ford, Fiat, Nissan and Vauxhall, also open to attack.

The VW flaw stems from an internal encryption which uses a handful of key values across almost all vehicles. Using a cheap radio transmitter/receiver hackers could intercept the unique code sent by the target vehicle when it is locked and, using a computer, combine this with the common code to allow them to clone the car’s remote key fob.

The weakness affects cars from across the VW Group, which includes Skoda, Seat and Audi. And while they won’t reveal their exact methods the scientists have warned that four shared keys cover nearly 100m vehicles, meaning a hacker who managed to root out even one of the codes could leave millions of vehicles vulnerable.

The team previously exposed a weakness that allowed them to bypass the immobiliser feature of millions of vehicles from various manufacturers, including VW, and start them without a key. Combined, the two flaws would leave vehicles not only exposed to break-ins but to being driven away as well.